Agora Warning: “Error: Could not withdraw.”

Its not easy becoming the most popular marketplace in a single day, and that’s what happened to “Agora marketplace”, after the Silk Road 2 Hack – being the place most people migrated to, they are probably having a massive influx in their traffic, causing some technical difficulties, but whatever the case might be that is causing these issues, it is our duty to provide you with a heads up warning, to make sure you do not place any money into a marketplace where withdrawals are disabled, until you make sure that they are fixed, this screenshot was provided to us along with an access to see for ourselves, so we can confirm that this issue does exist:

There is no claim for scam or anything of that sort, just a warning to make sure this is fixed before you think about placing any money into this marketplaces, its recommended to follow their forums (it can be found on our list). yesterday the Admins also posted an interesting forum post addressing the issue that allegedly caused Silk Road to get hacked, pretty much calling out the Silk Road admins claims for being hacked using the Transaction Malleability bug, bullshit, intentional or just super incompetent:

Many services have recently had a lot of problems with Transaction Malleability.
We confirm that the problem exists and we consider it a minor design flaw in the Bitcoin protocol and/or common implementations. Without going into too much detail, definitions or arguments about how much of a flaw it is or whose fault it is, our perception is simply that Bitcoin has a Transaction Malleability issue which requires that software dealing with Bitcoin be written in a specific way that must deal with it, and that requirement is not entirely straightforward.

Our software is designed with, above all, the security goal in mind. After investigating the issue we now confirm that currently we know of no way in which Transaction Malleability could be used to steal coins from Agora.

Judging by our technical knowledge we would say that it is easy to understand how software using Bitcoin can be written in such way that it could be DoS-attacked by means of Transaction Malleability, and that this seems to be the case with some of the Bitcoin exchanges.
On the other hand we would also like to state that, from our technical perspective, it is very hard to imagine how one should design software in a way that it would be susceptible to coin theft by means of Transaction Malleability. In order to do that one must almost design it with that specific goal in mind (being susceptible to coin theft).

This way or the other, Just make sure all is working there again before you take the risk of losing anymore money – cause as we know, this site is also using normal escrow and not any form of multisig – which puts all funds at risk in the case the marketplace gets shutdown from whatever reason.

9 comments

“The site uses ordinary escrow without multisig putting funds at risk if the site is shut down for whatever reason” what would this mean if they were using multisig and it was seized, could it be the case that LE can’t touch the coin? That would be excellent to know LEA still couldn’t get their hands on it after shutting a site down